ISPC3 SVN bugs and comments

Hi I've been tinkering with ISPConfig 4 Svn for a few days. Just thought I'd pass on some bugs I've spotted. After finding and signing up to the bugtracker I realised I couldn't post there.

The interface/web/admin/lib/lang/en_users.lng file was accidently replaced with nl version in revision 407.

More obvious what a client has the rights to edit and delete? ie admin creates a web domain. It appears as though the client can edit it but none of the changes get applied. Possibly some way to change the ownership?

Some way for the client to be aware what their limits are?

Clients cannot see FTP or shell users in their domains that the admin created.

Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY.

Log folder. It is a symlink in clients/clientY/webX to /var/log/ispconfig/... which cannot be accessed by a chrooted user. Should this not be around the other way? Apache uses clients/clientY/webX/log for ErrorLog anyway. Does anything maintain the size of ErrorLog? Or will these just grow?

BTW should the user choose to randomly remove the log symlink apache will fail to start. Needs owning folders to be an unrelated UID/GID.

I was poking through the install.php file and noticed that Expert does not configure jailkit.

Are e-mail quotas in MB, KB, Bytes, bits...?

More comments/wishes than bugs:

I see you're still maintaining /etc/passwd and /etc/group. Why not NSS with mysql backend (libnss-mysql on Debian)?

Display the owning client login name in the Email/Sites/DNS pages, certainly on the admin screen. Less important on the client's view

Some way to have shell and ftp users include the domain, rather than the client having to blindly guess at creating a system wide unique log in. I believe this was the way in ISPC2? Maybe a similar system for mysql but working with that daft 16 character username limit .

Hide options that are disabled for clients? eg remove "Email Catchall" option if set to 0, or the "Add x" when limit has been reached (or change to "limit reached"?)

Client level quota limits. Seems a little pointless having the client able to set arbitrary site quota limits themselves. I note this exists for e-mail, but client is only aware when they hit it.

Better restriction of what the client can set. I realise this would be quite a tall order. For example say that all sites a particular client can create are suexec, with suphp and cannot have SSI. Also to be able to create shell users, but they are jailkit only. etc. :/.

When creating shell/ftp users could there be some way to filter by client and then domain, rather than just domain? Although this only affects the admin view.

"Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY."

Yup. there is a bug here. It seems that I have found if the admin creates a website for a client, then the website is not added to the client's folder, but rather to the admin's folder.

I think that the problem lies when the site is created and how the clients id is retrieved. But after looking at file interface/web/sites/web_domain_edit.php I think this could be a feature rather than a bug. It's worth asking Till about.

Hi I've been tinkering with ISPConfig 4 Svn for a few days. Just thought I'd pass on some bugs I've spotted. After finding and signing up to the bugtracker I realised I couldn't post there.

The interface/web/admin/lib/lang/en_users.lng file was accidently replaced with nl version in revision 407.

More obvious what a client has the rights to edit and delete? ie admin creates a web domain. It appears as though the client can edit it but none of the changes get applied. Possibly some way to change the ownership?

Some way for the client to be aware what their limits are?

Clients cannot see FTP or shell users in their domains that the admin created.

Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY.

Log folder. It is a symlink in clients/clientY/webX to /var/log/ispconfig/... which cannot be accessed by a chrooted user. Should this not be around the other way? Apache uses clients/clientY/webX/log for ErrorLog anyway. Does anything maintain the size of ErrorLog? Or will these just grow?

BTW should the user choose to randomly remove the log symlink apache will fail to start. Needs owning folders to be an unrelated UID/GID.

I was poking through the install.php file and noticed that Expert does not configure jailkit.

Are e-mail quotas in MB, KB, Bytes, bits...?

More comments/wishes than bugs:

I see you're still maintaining /etc/passwd and /etc/group. Why not NSS with mysql backend (libnss-mysql on Debian)?

Display the owning client login name in the Email/Sites/DNS pages, certainly on the admin screen. Less important on the client's view

Some way to have shell and ftp users include the domain, rather than the client having to blindly guess at creating a system wide unique log in. I believe this was the way in ISPC2? Maybe a similar system for mysql but working with that daft 16 character username limit .

Hide options that are disabled for clients? eg remove "Email Catchall" option if set to 0, or the "Add x" when limit has been reached (or change to "limit reached"?)

Client level quota limits. Seems a little pointless having the client able to set arbitrary site quota limits themselves. I note this exists for e-mail, but client is only aware when they hit it.

Better restriction of what the client can set. I realise this would be quite a tall order. For example say that all sites a particular client can create are suexec, with suphp and cannot have SSI. Also to be able to create shell users, but they are jailkit only. etc. :/.

When creating shell/ftp users could there be some way to filter by client and then domain, rather than just domain? Although this only affects the admin view.

"Client created domains end up in clients/client0/webX yet symlinks are created to them in clients/clientY."

Yup. there is a bug here. It seems that I have found if the admin creates a website for a client, then the website is not added to the client's folder, but rather to the admin's folder.

I think that the problem lies when the site is created and how the clients id is retrieved. But after looking at file interface/web/sites/web_domain_edit.php I think this could be a feature rather than a bug. It's worth asking Till about.

Click to expand...

I think we misunderstand each other . Say I have a client with ID 3. The admin creates them a website www.test.com, ID 7. The folder structure /var/clients/client3/web7 gets created. The symlinks /var/www/www.test.com and /var/clients/client3/www.test.com both point to /var/clients/client3/web7

However if client 3 then creates a website www.test2.com, ID 8 this gets created as /var/clients/client0/web8. The symlinks /var/www/www.test2.com and /var/clients/client3/www.test2.com both point at /var/clients/client0/web8

Interesting.... I would think if the client with ID=3 creates the site it woudl be in /var/clients/client3/web7/ and if the admin creates the site it would be in /var/clients/client0/web8/ Is this not the case? could you double check?

Does this effect the users? If the client creates the first site, and the admin creates the second one, does this change anything about how the client interacts with the site?

I just created a new user, logged in with them and created a site. /var/clients/client4 was not created. The site ended up in /var/clients/client0/web9. The symlink /var/www/moo.com pointed at /var/clients/client0/web9.

Then created a site with admin. It was created as /var/clients/client4/web10. Two symlinks correct as before.

This sounds like a continuation of bugtracker bug #236 where it was only fixed for admin.